CWE-121— Stack-based Buffer Overflow
3,124 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 40 of 63
- CVE-2024-56139MEDIUMCVSS 6.9EG 0.02024-12-17
pdftools is a high level tools to convert PDF files to ePUB formats. In versions up to and including 0.5.0 maliciously crafted epub files can cause a stack overflow leading to a crash. This issue has not yet been addressed and users are ad…
- CVE-2024-56468HIGHCVSS 7.5EG 7.52025-07-08
IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 could allow a remote user to cause a denial of service by sending an invalid HTTP request to the log reading service.
- CVE-2024-57440HIGHCVSS 7.5EG 7.52025-03-20
D-Link DSL-3788 revA1 1.01R1B036_EU_EN is vulnerable to Buffer Overflow via the COMM_MAKECustomMsg function of the webproc cgi
- CVE-2024-58115MEDIUMCVSS 4.0EG 4.02025-04-07
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-58116MEDIUMCVSS 4.0EG 4.02025-04-07
Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-58117MEDIUMCVSS 4.0EG 4.02025-07-07
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
- CVE-2024-58299CRITICALCVSS 9.8EG 9.82025-12-12
PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and …
- CVE-2024-5931MEDIUMCVSS 6.3EG 6.32024-09-13
BT: Unchecked user input in bap_broadcast_assistant
- CVE-2024-5948HIGHCVSS 8.8EG 8.82024-06-13
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronic…
- CVE-2024-5950HIGHCVSS 8.8EG 8.82024-06-13
Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Elec…
- CVE-2024-6137HIGHCVSS 7.6EG 7.62024-09-13
BT: Classic: SDP OOB access in get_att_search_list
- CVE-2024-6144HIGHCVSS 8.8EG 8.82024-06-19
Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. …
- CVE-2024-6146HIGHCVSS 8.8EG 8.82024-06-19
Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q r…
- CVE-2024-6189HIGHCVSS 8.8EG 8.82024-06-20
A vulnerability was found in Tenda A301 15.13.08.12. It has been classified as critical. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based b…
- CVE-2024-6249HIGHCVSS 8.8EG 8.82024-11-22
Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentic…
- CVE-2024-6402MEDIUMCVSS 6.5EG 6.52024-06-28
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-…
- CVE-2024-6403MEDIUMCVSS 6.5EG 6.52024-06-28
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12. Affected by this issue is the function formWifiBasicSet of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to st…
- CVE-2024-6744CRITICALCVSS 9.8EG 9.82024-07-15
The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system comm…
- CVE-2024-6962HIGHCVSS 8.8EG 8.82024-07-22
A vulnerability classified as critical was found in Tenda O3 1.0.0.10. This vulnerability affects the function formQosSet. The manipulation of the argument remark/ipRange/upSpeed/downSpeed/enable leads to stack-based buffer overflow. The a…
- CVE-2024-6963HIGHCVSS 8.8EG 8.82024-07-22
A vulnerability, which was classified as critical, has been found in Tenda O3 1.0.0.10. This issue affects the function formexeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initi…
- CVE-2024-6964HIGHCVSS 8.8EG 8.82024-07-22
A vulnerability, which was classified as critical, was found in Tenda O3 1.0.0.10. Affected is the function fromDhcpSetSer. The manipulation of the argument dhcpEn/startIP/endIP/preDNS/altDNS/mask/gateway leads to stack-based buffer overfl…
- CVE-2024-6965HIGHCVSS 8.8EG 8.82024-07-22
A vulnerability has been found in Tenda O3 1.0.0.10 and classified as critical. Affected by this vulnerability is the function fromVirtualSet. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflo…
- CVE-2024-7013HIGHCVSS 7.8EG 7.82024-08-21
Stack-based buffer overflow in Control FPWIN Pro version 7.7.2.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file.
- CVE-2024-7151HIGHCVSS 8.8EG 8.82024-07-27
A vulnerability was found in Tenda O3 1.0.0.10(2478). It has been declared as critical. This vulnerability affects the function fromMacFilterSet of the file /goform/setMacFilter. The manipulation of the argument remark leads to stack-based…
- CVE-2024-7152HIGHCVSS 8.8EG 8.82024-07-27
A vulnerability was found in Tenda O3 1.0.0.10(2478). It has been rated as critical. This issue affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument time leads to stack-based buff…
- CVE-2024-7439HIGHCVSS 8.8EG 8.82024-08-03
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. Affected by this issue is the function read of the component httpd. The manipulation of the argument Content-Length leads to…
- CVE-2024-7441HIGHCVSS 8.8EG 8.82024-08-03
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The manipulation of the argument Content-Length …
- CVE-2024-7502HIGHCVSS 7.8EG 7.82024-08-06
A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer, which could allow an attacker to execute arbitrary code.
- CVE-2024-7509HIGHCVSS 7.8EG 7.82024-11-22
Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is requ…
- CVE-2024-7538HIGHCVSS 7.8EG 7.82024-08-06
oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute co…
- CVE-2024-7539HIGHCVSS 7.8EG 7.82024-08-06
oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the t…
- CVE-2024-7547HIGHCVSS 7.8EG 7.02024-08-06
oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute …
- CVE-2024-7581HIGHCVSS 8.8EG 8.82024-08-07
A vulnerability classified as critical has been found in Tenda A301 15.13.08.12. This affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation of the argument security leads to stack-based buffer overflow. I…
- CVE-2024-7614HIGHCVSS 8.8EG 8.82024-08-12
A vulnerability was found in Tenda FH1206 1.2.0.8(8155). It has been classified as critical. Affected is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow…
- CVE-2024-7615HIGHCVSS 8.8EG 8.82024-08-12
A vulnerability was found in Tenda FH1206 1.2.0.8. It has been declared as critical. Affected by this vulnerability is the function fromSafeClientFilter/fromSafeMacFilter/fromSafeUrlFilter. The manipulation leads to stack-based buffer over…
- CVE-2024-7707HIGHCVSS 8.8EG 8.82024-08-13
A vulnerability was found in Tenda FH1206 02.03.01.35 and classified as critical. Affected by this issue is the function formSafeEmailFilter of the file /goform/SafeEmailFilter of the component HTTP POST Request Handler. The manipulation o…
- CVE-2024-7784MEDIUMCVSS 6.1EG 6.12024-09-10
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this prote…
- CVE-2024-7795HIGHCVSS 8.8EG 8.82024-08-21
Autel MaxiCharger AC Elite Business C50 AppAuthenExchangeRandomNum Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of…
- CVE-2024-7908HIGHCVSS 8.8EG 8.82024-08-18
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. Affected is the function setDefResponse of the file /www/cgi-bin/cstecgi.cgi. The manipulation of the argument IpAddress leads to stack…
- CVE-2024-7909HIGHCVSS 8.8EG 8.82024-08-18
A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical. Affected by this vulnerability is the function setLanguageCfg of the file /www/cgi-bin/cstecgi.cgi. The manipulation of the argument langT…
- CVE-2024-7992HIGHCVSS 7.8EG 7.82024-10-29
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or e…
- CVE-2024-7994HIGHCVSS 7.8EG 7.82024-10-16
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context …
- CVE-2024-8224HIGHCVSS 8.8EG 8.82024-08-27
A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.20. This issue affects the function formSetDebugCfg of the file /goform/setDebugCfg. The manipulation of the argument enable/level/module leads to stack-…
- CVE-2024-8225HIGHCVSS 8.8EG 8.82024-08-27
A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTimePolicy leads to stack-based buffer over…
- CVE-2024-8226HIGHCVSS 8.8EG 8.82024-08-28
A vulnerability has been found in Tenda O1 1.0.0.7(10648) and classified as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buf…
- CVE-2024-8227HIGHCVSS 8.8EG 8.82024-08-28
A vulnerability was found in Tenda O1 1.0.0.7(10648) and classified as critical. Affected by this issue is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/d…
- CVE-2024-8228HIGHCVSS 8.8EG 8.82024-08-28
A vulnerability was found in Tenda O5 1.0.0.8(5017). It has been classified as critical. This affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-…
- CVE-2024-8229HIGHCVSS 8.8EG 8.82024-08-28
A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been declared as critical. This vulnerability affects the function frommacFilterModify of the file /goform/operateMacFilter. The manipulation of the argument mac leads to stack-ba…
- CVE-2024-8230HIGHCVSS 8.8EG 8.82024-08-28
A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been rated as critical. This issue affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack…
- CVE-2024-8231HIGHCVSS 8.8EG 8.82024-08-28
A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based …
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →